Featured Domains

Mayor and his son accused of hacking into email and then illegally accessing GoDaddy account to cancel domain name registration.

West New York mayor Felix Roque and his son were arrested after allegedly working together to hack into an email account to gain access to a GoDaddy account and take down a domain name related to a recall effort against the mayor.

The complaint alleges that Roque’s son, Joseph Roque, was first able to compromise the email address for the owner of RecallRoque.com. Once he had access to the email he then was able to reset the password on the GoDaddy account that held the domain name. He subsequently logged in to cancel the registration, taking the recall web site down.

The complaint also alleges that the pair accessed communications from the registrant’s email account to harass people who were contributing information to Roque’s recall campaign.

It’s a rather fascinating read about how someone used the internet to figure out how to hack into an email account, and subsequently access a registrar account.

Forget worrying about losing your job as mayor. How does ending up in the slammer sound?

[note: the title of this post was updated to avoid confusion. The mayor’s son compromised an email account which was then used to do a password reset at GoDaddy.]

It is true that occasionally it can be useful when you don’t want anymore a domain. But turning off the auto-renew and letting expire is 99% as good to solve that specific problem. (because the main thing when you want to get rid of a domain is obviously that you get rid of the domain, the “when” can be more or less important but often not very important, and always secondary).

So the “cancel domain” button adds really little value. However if it “backfires” it can be “nuclear devastation”: just think of someone with a whole portfolio of domains built with tremendous effort along years and under an account at Godaddy. And now imagine someone finding his password… and he starts making use of the “cancel domain” button… If domainers have a common worst nightmare, it must of be this one.

In my opinion, the “cancel domain” button should win an award as the WORST domain registrar tool ever created.

It’s just terrible… In my opinion, if its not yet possible, Godaddy should at least give the option for the account owner to disable it.

Did you read the article? The father and son allegedly hacked the guy’s email.

What does that have to do with GoDaddy?

If you have an insecure email address, then it doesn’t matter how secure your credit card account, bank account, registrar account, etc. are. Any system that uses email as a contact method is only going to be as secure as your email account. There’s not a whole lot that any online service provider can do about that. This is particularly true of systems which have a lost password reset/recovery method which asks you for your email address and then sends you your password or a reset link. Now, some of these systems will require a non-transmitted piece of information, such as answers to security questions, and so on. But, more often than not, I forget the answers to my own security questions.

From time to time there are emails coming like Sender’s Address is shown to be Godaddy.com and ask to take a certain action.But,it is not actually sent by Godaddy.com. So, domain registrars should make it their policy not to click any link in their emails to their clients.

Correction of the above message.
So, domain registrars should make it their poicy not to ask their clients to click any links in their emails to them(clients). Or their emails should never include any links.
Sorry for the inconvseniences.